March’s MiSec meeting will be held on Thursday, March 8th, at 7pm. This is the first of our OWASP Detroit meetings. We are  excited about this new endeavor and bring AppSec front and center in the Detroit area. The agenda for the meeting will be:

• Introductions
• Overview of OWASP & Chapter Direction
• Presentation: Finding, Exploiting, and Eliminating XSS Flaws, Josh Little (@zombietango)
• Discussion and Questions

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 623-600-270, Meeting Password: misec.

A sneak peak at what is to come:

• Chris (@rattis) takes us back to the basics in April
• Mark (@niteshad) in May, and …
• BSides Detroit in June (http://bit.ly/BSidesDetroit)

February’s MiSec meeting will be held on Thursday, February 9th, at 7pm. Steven F. Fox (@securelexicon) will be presenting “How to Create Social Illusions: A Social Engineering Case Study.”

Steven F. Fox, CISSP, QSA is a Security Architecture and Engineering Advisor at the U.S. Department of the Treasury and holds an MS in Business Information Technology from Walsh College, an NSA recognized Center of Excellence. Mr. Fox brings a cross-disciplinary perspective to the practice of information security; combining his experience as a security consultant, a Sr. IT Auditor and a systems engineer with principles from behavioral/organizational psychology to address security challenges. He is a syndicated blogger covering IT Governance, Risk Management, and IT-Business fusion topics. He also serves on the Board of the Motor City ISSA chapter and hosts/produces the Securelexicon Information Security Podcast.

This presentation will describe a psychological framework that informs a social engineer’s reconnaissance, pretext formulation, and social exploit activities. A case study will illustrate the use of the Social Engineer’s Toolkit, Maltego, and Google Hacking to collect information that contributed to a successful engagement. Attendees will learn how to analyze information for psychological and social indicators that enables a social engineer to model a target’s culture. They will also learn how social engineers use this model to identify opportunities for social exploits.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 465-096-790, Meeting Password: misec.

A sneak peak at what is to come:

• OWASP with Josh Little in March
• Chris takes us back to the basics in April

January’s MiSec meeting will be held on Thursday, January 12th, at 7pm. This month’s round table discussion will focus on what #misec members would like to see the group do in 2012.

“Overview of Python – Flying made simple without the Nyquil hangover.” Keith Dixon (@Tazdrumm3r) will be walking us thru the Python language, and how to use Python for solving CTF challenges and for solving our day-to-day challenges.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 575-089-806, Meeting Password: misec.

A sneak peak at what is to come:

• Steven Fox on social engineering tools in February
• OWASP in March
• Chris takes us back to the basics in April